The default phpLD code, for all versions, contains hundreds of instances of incorrectly formatted code, resulting in 'Undefined 'type errors appearing in your server logs. These include, but are not limited to : Undefined Variable Undefined Index Undefined Offset

While not adversely affecting the operation of your site, these errors can quickly fill up error logs, which in turn can slow site performance.

Only fix the errors if shown in your logs and do NOT just arbitrarily change the code of your site, just because they are shown here.

The attached file shows the errors you might see in your logs, the original code and what it should be changed to eliminate the errors.

While this list contains many errors that you may see, it is by no means complete and will be added to over time.

phpLD has many versions and code amendments within those versions, so it is impossible to list everything you may see. However, if your site shows any 'Undefined' type errors not listed below and we will endeavour to find you a solution.

Line Numbers shown may not match your installationPlease ensure the 'FIND' code is exactly matched with that shown and do not change if it is different.

There are a lot of reasons why this could be happening on your install, but most are related to the way your host has things set up and NOT to do with the phpLD script in any way.

If you are having issues logging into your admin panel, the following things will need to be checked :

Find our where your host keeps it's folder used to store temporary session data. This is usually a folder called 'tmp' but may be called something else on your host. It is usually stored outside your public_html folder and doesn't present any issues, but more and more lately, this folder is becoming inaccessible for scripts due to permission based errors or the script simply not finding that folder. Try the following :

Create a 'tmp' folder inside your public_html location. this is 100% secure, but if your admin login starts working after doing this, then you can move it outside of public_html and make the next edit.

Set your temporary folder location in your includes.config.php file by using 'ini_set' or 'set_include_path' (or amending the path if already there). Some hosts don't allow scripts to set the path, or may not allow the use of either of the commands, so you should ask your host how you can set the path to your temporary session folder.

Make the folder world writable. If outside public_html, then this is perfectly safe.

If the above does not resolve the issue, then check that the hashed passwords in your database PLD_USER table includes a {sha1} prefix, as a few hosts seem to have been removing this when transferring data. Hashed passwords stored in the database should look something like the following :

{sha1}fc4d74718d33536960f40a67sedda1c06e09766e

If any are missing {sha1} at the beginning of the character string, then logging into those accounts will not be possible.

Check that your PLD_USER table is not locked or crashed. If it has, please run a 'Repair' from phpMyAdmin on that table.

Check your file and folder permissions. Incorrect permission settings on some hosts can prevent logging in to user accounts on phpLD scripts. Usually, PHP folders should be set to 755 and files to 644. Exceptions are include/config.php which should be set at 444 as an absolute maximum (for security).

On some hosts, for phpLD to function properly, the temp/, temp/templates, temp/cache, temp/adodb folders should be set to 777, although this is quite rare these days.

You may need to to any or ALL of the above., but try them in the order you see them. If you still can't get into admin after performing all of the above, you may need to speak to your host, espeically if you know it was working before and haven't changed anything prior to it stopping working, as they may have upgraded or changed something else that is affecting your site in another way.

DESCRIPTION :This mod allows you to ban IP's from accessing your sites' contact page forms with a customisable error message, or if preferred, blocking IP addresses completely from your site and returning a permissions (403) based error to the user.

If you have multiple sites, this mod will use centrally located IP ban lists that you only need to uploaded to a single site, making it a simple process of making a single file edit to ban an IP address across as many sites as you own.

The mod can be configured to use two separate lists to ban IP addresses differently :If only a single banlist is supplied, IP's added to that list will be banned from your contact form only.If a secondary list is added to the mod settings in admin, any IP's added to that list will be banned site-wide.

When banned from your contact form, the mod allows for a customisable error message which is set in admin for each site.

The mod works independently from the Ban Control system built into admin, which is only supposed to block IP's from submitting listings.

NOTES :The banlists you create (in txt format), must be uploaded to a server that has cURL enabled.Most hosts do allow this by default, but there are some that require you to enable cURL this in your control panel or PHP configuration files. Please check that your site that you intend to host the ban-lists supports cURL connections.

Please note that mods for Beta or RC versions of phpLD are not supported, unless we install.

** Only available for free when a total purchase value of $10.00 or over has been made for any of our mods for self-install.

IMPORTANT : This post relates to the hosting that we provide using the Hepsia Control Panel. These instructions are meant as a guide only and not a definitive tutorial as changes in hosting terms or the provision of free certificates may change at any time.

If you encounter problems, I will assist for free, ONLY where time allows, but you should understand that you use these instructions at your own risk!

These instructions were correct at the time of posting / updating and were used exclusively to install the certificates at all my own sites, including this forum.

Last updated : 17 February 2017 at 16:12 (UK)

Now that Google have started penalising websites without SSL certificates (or rather, they say, giving sites with HTTPS a ranking boost), it is becoming important that you add them to your site.

Bruleo hosting offers great value certificates, but for those that cannot see the cost justification for your site, it is a relatively easy process to install fully functional free certificates provided by Let's Encrypt.

Currently, the only draw-back with adding these free certificates is that they have a three month expiry, so would need to be renewed every 90 days.

Note : Many hosts will not allow you to install 3rd-party or free certificates as they want you to spend more money with them. Most will tell you that you need to have a dedicated IP address, or even worse, a minimum of VPS hosting to install certificates: This is total rubbish as you do not need either (although a dedicated IP is recommended). If they tell you this, tell them to get lost and move to a host that doesn't lie. Unlike most hosts, and despite selling their own certificates and IP address (both of which I provide at cost), you are allowed install 3rd-party certificates on the hosting I provide using special IP addresses that are provided with each hosting account. Of course, if you want a dedicated IP address, you can do that too!

The following may seem daunting, but all in all, it takes less than five minutes once you've logged in and got the relevant pages up that you need.

It will be in four parts. Part #1 and #4 only need to be done once, but unfortunately, due to the current nature of free certificates, the rest will need to be done every 90 days (although this is being discussed at Let's Encrypt and may be extended in the future).

PART 1 (Create CSR for your site) :1) Log into your Hepsia hosting Control Panel Go to 'My Domains' >> 'SSL Certificates'2) Choose 'CSR Requests', then ''Generate CSR'.3) Complete the form as required (use www.southsound.co.uk as Hostname as it will cover both www and non-www versions)4) Once generated, copy the CSR and Private Key, using the icons under 'Actions'.(Note : The email address you provide MUST be an account set up at your host and related to your domain, otherwise the generated certificate will not be valid.)(VERY IMPORTANT : NEVER GIVE THE PRIVATE KEY TO ANYONE!)

PART 2 (Prove site ownership and generate certificate) :5) Go to https://www.sslforfree.com/ and enter your domain in the box and hit enter.6) Chose Automatic or Manual Verification, depending on what you prefer. (Automatic might be quicker, but I don't like entering my FTP info on sites, so prefer the Manual method).7) Follow the instructions.8) Make Sure 'I Have My Own CSR' is ticked and paste in the CSR content you created in Step #49) Click 'Download SSL Certificate'.(Note : If using manual verification, note that the first folder you will need to create contains a dot at the beginning of the name.)

PART 3 (Upload and install certificate) :10) In your hosting Control Panel, choose 'My Domains >> Hosted Domains', then choose 'Edit Domain' (the cog icon next to your domain in the list).11) In the form that opens, under IP address, choose the IP displayed under 'Available Shared IP's for SSL's'12) Choose 'Upload SSL Certificate' under 'Secure Socket Layer (SSL).13) Paste in the Private Key and CSR content from step #4 above.14) Paste in the 'Certificate' and CA Bundle from sslforfree.com in the other two fields.15) All other fields can be left as they are, Click save, wait a few seconds and it should be done.

PART 4 (Redirecting http to https) :Once you have installed, you will need to ensure that http' redirects to 'https'. Some hosts allow you to do this within the main hosting Control Panel, but if they do not, you will need to this in your main htaccess file by adding something like* the following code after 'RewriteEngine On' :

(* Please note that there are a great many code variations that do the same thing. Depending on what other redirects you have in place [www to non-www for example], you may need to use different code, most of which can be found online.)

An example which should work in most cases to redirect http non-www to https www would be as follows :

You will need to research the exact code you need for your site, as everyone's exact requirements are different. DO NOT JUST BLINDLY COPY AND PASTE THIS TYPE OF CODE WITHOUT ENSURING IT WORKS FOR YOU!

IMPORTANT :a) If you have any directs calls to images or content on your site that use http, they will ALL need to be changed to https. If you do not do them all, security warnings may show in visitor's browsers, with some browsers blocking access completely. Also, Google will NOT recognise any sites with their latest updates that have any security warnings caused by these. If you use any server third-party scripts stored on your server, you may need to edit these. Some third-party ad providers (such as PaidOnResults), still use http for a lot of their banner code. If you use these, your site will suffer from security warnings. For example, if you include a banner on your site that is located on another site's server, that image must also be served though the https protocol. If the external site is not https, then the image will either not load, generate security warnings or prevent your entire site from loading. You will therefore need to consider either removing the banner entirely, or placing the image on your server.

In short, after changing to https, ANY resource used by your site that would ultimately be loaded onto a user's computer, will also need to be using https.

To see if your site fails anywhere, simply load your browser in Chrome, FF, Edge or IE and use any of the included developer resources in that browser and they will tell you exactly where to look. From personal experience, IE and Edge are best.

b) PHPLinkDirectory Users Only : Most, if not all default installations of the PHPLinkDirectory script have poor coding that do not allow for automatic detection of https, causing things like the listing submission process to fail following certificate installation. For any identified code changes you may need to make following certificate installation, please see the following thread :http://www.bruleo.com/using-https/ (Note : If you find any other problems following installation of SSL on our hosting AND using any version of the phpLD script above 3,2, let me know and if it is a problem caused by the default code, I will look into it and endeavour to find a fix!)

c) Do not forget to change any admin settings if you have them to reflect the new https URL. For phpLD scripts for example, this would be in your admin 'Settings >> Site' section. If you find that the https version of your site is loading without any formatting, this is probably the reason. (Note, some scripts contain URL settings in files).

TIPS :a) Ensure you renew your certificate several days prior to the expiry date. Since the site needs to propagate DNS around the world, any change of certificate may take 24 hours or so before the certificate shows. From experience with this hosting, it is unlikely to be more than a few minutes to fully propagate, but it is totally possible that it could take up to 72 hours.

b) If you complete your email etc in the main form for the certificate at sslforfree.com, they will send you a reminder one week before it expires.

c) It would be advisable to copy your Private Key & CSR and store them somewhere secure. That way, if the worst happens and you lose your site and need to restore, you should be able to these to reactivate any certificate you have already created. (I'm not sure how to do this just yet, but am advised elsewhere that it can be done!)

d) When creating the certificate at sslforfree.com, be sure to add both the www and non-www version of your domain. Sometimes, certificates for the www version will work with both, but it often depends on both the certificate authority, the hosting and how it is installed. If you redirect non-www to www (or vica-versa) then this is not that important, as long as the redirect you use works for all pages and the certificate is created for the destination domain. (Note : It is recommended you do this type of redirect as it negates duplicate content issues.)

IMPORTANT NOTE : When creating this mod feature, it was found that that some of the required code already exists in some versions of phpLD, but like a lot of things in phpLD it was never used as the function was never fully completed. This means that due to phpLD's bad habit of performing silent updates and adding code without changing the version number or even telling anyone, the mod update instructions above may not fully represent the code contained in your active version of phpLD

For example, to our knowledge, there are now AT LEAST six versions of phpLD 4.2.2 that contain different code in various places, the most recent of which contains some VERY significant changes that are incompatible with the others versions if mixed.

Therefore, if in doubt, it is always best to follow the installation instructions for mods in their entirety and ensure that code required actually exists.

A very minor bug was identified only in versions of phpLD where the smarty library had been upgraded to the very latest version, causing pagination for the Mod Settings Panel to stop working.

This does not effect any phpLD versions unless you have manually upgraded smarty.

If the pagination for your Mod Settings Panel is not working you will need to use at least version 1.7.1 of the Mods Settings panel files, so please download the installation ZIP and re-upload both files contained therein.